
On Thu, Apr 3, 2025 at 6:29 PM nusenu via tor-dev <tor-dev@lists.torproject.org> wrote:
> Hi,
> given the following example, tor fails to access the familykeydir folder.
> familykeydir has the following permissions:
> drwxr-x--- 2 root tor_reader
> $ id _tor
> uid=996(_tor) gid=993(_tor) groups=993(_tor),994(tor_reader)
> Is tor able to use secondary groups?
> When using sudo to switch to user _tor manually, it is possible to read files in that folder without problems.
> The problem does not happen when _tor's primary group is set to 'tor_reader'. Tested on Debian.

Hm. In src/lib/process.setuid.c, it looks like we're only calling setgroups() with a single gid from the password database, not with any additional groups. So I don't think the C tor implementation is set up to handle _switching_ to secondary groups when you're telling it to setuid. -- Nick
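An added illustration of the point above (example code written for this thread, not tor's own setuid code): it reproduces the directory permission check the kernel applies and compares the group set a process keeps after a setgroups(1, &primary_gid) style drop with the set initgroups() would install, the latter computed with the unprivileged getgrouplist() lookup. The uid/gid values and the 0750 root:tor_reader directory are taken from the report; the user name "root" in the lookup call is only there so the example runs on any system.

```c
#define _GNU_SOURCE
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>

/* Constructed from the thread: familykeydir is drwxr-x--- root:tor_reader,
 * _tor is uid 996, gid 993, with supplementary gid 994 (tor_reader).
 * WANT_RX is read + traverse, which listing and opening key files needs. */
enum { DIR_MODE = 0750, DIR_UID = 0, DIR_GID = 994,
       TOR_UID = 996, TOR_GID = 993, TOR_SECOND = 994, WANT_RX = 05 };

static int gid_in_list(const gid_t *g, int n, gid_t x) {
    for (int i = 0; i < n; i++) if (g[i] == x) return 1;
    return 0;
}

/* Plain Unix class check (no root override): owner bits if uid matches,
 * else group bits if ANY held gid matches, else "other" bits. */
int mode_allows(mode_t mode, uid_t f_uid, gid_t f_gid, int want,
                uid_t uid, const gid_t *gids, int ngids) {
    int shift = 0;
    if (uid == f_uid) shift = 6;
    else if (gid_in_list(gids, ngids, f_gid)) shift = 3;
    return ((mode >> shift) & want) == want;
}

/* Group set a process holds after dropping to user/primary.
 * keep_supplementary=0 mirrors setgroups() with the single gid from the
 * password database; =1 mirrors initgroups(), computed via getgrouplist(). */
int groups_after_drop(const char *user, gid_t primary, int keep_supplementary,
                      gid_t *out, int max) {
    if (!keep_supplementary) { out[0] = primary; return 1; }
    int n = max;
    if (getgrouplist(user, primary, out, &n) == -1) return -1;
    return n;
}

/* Can the dropped _tor process read familykeydir? 1 = yes, 0 = no. */
int familykeydir_readable(const gid_t *gids, int ngids) {
    return mode_allows(DIR_MODE, DIR_UID, DIR_GID, WANT_RX, TOR_UID, gids, ngids);
}

int main(void) {
    gid_t single[] = { TOR_GID }, both[] = { TOR_GID, TOR_SECOND };
    printf("primary gid only (setgroups): readable=%d\n", familykeydir_readable(single, 1));
    printf("with supplementary (initgroups): readable=%d\n", familykeydir_readable(both, 2));
    return 0;
}
```

The first line prints readable=0 and the second readable=1, which is the difference between the daemon's failure and the working `sudo -u _tor` session, since sudo installs the full group list.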